dnsmasq < 2.78 (Security vulnerabilities)

Question

dnsmasq < 2.78 (Security vulnerabilities)

jamesmacwhite opened this issue 7 years ago · comments

Package: dnsmasq

Due to several security issues/bugs found with dnsmasq versions < 2.78 recently, is it possible sync the recent changes to dnsmasq from LEDE into Entware?

I'm aware, that a sync happens every few months or so, but due to the vulnerability/security nature of this update, is it possible to push these changes up?

lede-project/source@67ac017
https://security.googleblog.com/2017/10/behind-masq-yet-more-dns-and-dhcp.html

Various CVE's have been published.

Andrey Sechin · Answer 1 · Wed Oct 04 2017 01:04:48 GMT+0800 (China Standard Time)

Done. arm & intel feeds updated. mips & mipsel will be updated soon.

James #FFFFFF · Answer 2 · Wed Oct 04 2017 01:05:50 GMT+0800 (China Standard Time)

@zyxmon Many thanks for this! Much appreciated!